Security specialists from Positive Technologies discovered a flaw in recent Intel chips that will provide a pathway for hackers to access the operating system and its applications. Even though the vulnerability is difficult to exploit, it cannot be fixed.
The flaw is present in the chipset’s Converged Security and Management Engine (CSME). CSME is responsible for system boot-up, power levels, firmware, and cryptographic functions. CSME, which comes with its own 486-based CPU, RAM, and boot ROM, is the first component that runs during the boot process. During the brief window before CSME protects its memory, the flaw can be exploited by anyone with local or physical access to the machine.
An attacker who gets in via this vulnerability gains access to the core parts of the operating system, which can lead to severe damage. Mark Ermolov from Positive Technologies, while explaining the vulnerability, said:
This [chipset] key is not platform-specific. A single key is used for an entire generation of Intel chipsets. And since… the ROM vulnerability cannot be fixed, we believe that extracting this key is only a matter of time. When this happens, utter chaos will reign. Hardware IDs will be forged, digital content will be extracted, and data from encrypted hard disks will be decrypted.
Moreover, since the boot code and RAM are hardcoded into Intel’s CPUs, patching or resetting them is not an option. This vulnerability applies to all Intel chips manufactured within the past five years.
If it’s any consolation, exploiting the vulnerability would require physical access to a machine, major technological know-how, and specialized equipment.
This is not the first time something like this has come to light with Intel chips. The chipmaker faced major criticism in 2018 for a similar flaw that allowed hackers to steal users’ private data.